kipp
kipp copied to clipboard
Rewrite encryption
The current system read content fully into memory, and encrypts it using AES128-GCM. The key, IV and nonce are then stored in a URL hash. This is fine, but has a few down-sides:
- In-memory isn't great for large files (this is primarily because of browser limitations).
- The IV and nonce can be public, and don't need to be stored in the URL, making it shorter.
- AES128-GCM is fine, but ChaCha20-Poly1305 is the current standard for authenticated encryption.
- It's not easy to iterate on as there is no meta association. Writing a protobuf definition as a sort of header would allow the inclusion of extra metadata and flexibility in encryption ciphers.
- No support for passwords
A lot of these would be solved by adding a protobuf definition, but the big issue is browser support for:
- Fetch streams (read/write)
- File API